🗝
summary refs log tree commit diff
path: root/src/server/falx.rs
diff options
context:
space:
mode:
authormia <mia@mia.jetzt>2024-04-23 19:29:21 -0700
committermia <mia@mia.jetzt>2024-04-23 19:29:21 -0700
commit979d3d2fd87d5def87d27f4991ca8624c72b2317 (patch)
tree867f3ace60679c8fbccee597d0dcab2c15e1effd /src/server/falx.rs
parentaa9b10731fdb72d58c94d2f2221cc740023b6e39 (diff)
downloaddissociate-0.2.2.tar.gz
dissociate-0.2.2.zip
CORS headers v0.2.2
Diffstat (limited to 'src/server/falx.rs')
-rw-r--r--src/server/falx.rs13
1 files changed, 10 insertions, 3 deletions
diff --git a/src/server/falx.rs b/src/server/falx.rs
index 03a8a0b..1efffdc 100644
--- a/src/server/falx.rs
+++ b/src/server/falx.rs
@@ -1,4 +1,5 @@
 use axum::{
+    body::Body,
     extract::{Path, State},
     http::{HeaderMap, StatusCode, Uri},
     response::{IntoResponse, Response},
@@ -40,10 +41,10 @@ async fn handoff(
     State(Handoffs(handoffs)): State<Handoffs>,
     headers: HeaderMap,
 ) -> Response {
-    let Some(origin) = headers.get("Origin") else {
+    let Some(origin_header) = headers.get("Origin") else {
         return (StatusCode::BAD_REQUEST, "Missing Origin header").into_response();
     };
-    let Some(origin) = origin
+    let Some(origin) = origin_header
         .to_str()
         .ok()
         .and_then(|origin| origin.parse::<Uri>().ok())
@@ -57,5 +58,11 @@ async fn handoff(
     let Some(token) = jar.get("dissociate-token") else {
         return (StatusCode::UNAUTHORIZED, "Authenticate cookie missing").into_response();
     };
-    return (StatusCode::OK, token.value().to_string()).into_response();
+    return Response::builder()
+        .status(StatusCode::OK)
+        .header("Access-Control-Allow-Credentials", "true")
+        .header("Access-Control-Allow-Methods", "GET")
+        .header("Access-Control-Allow-Origin", origin_header)
+        .body(Body::from(token.value().to_string()))
+        .unwrap();
 }